CVE-2025-14831
Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification
CVSS Score
5.3
EPSS Score
0.1%
EPSS Percentile
20th
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
| CWE | CWE-407 |
| Vendor | red hat |
| Product | red hat enterprise linux 10 |
| Published | Feb 9, 2026 |
| Last Updated | Apr 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for red hat red hat enterprise linux 10
Be the first to know when new medium vulnerabilities affecting red hat red hat enterprise linux 10 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Affected Versions
Red Hat / Red Hat Enterprise Linux 10
All versions affected Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
All versions affected Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support
All versions affected Red Hat / Red Hat AI Inference Server 3.2
All versions affected Red Hat / Red Hat Ceph Storage 8
All versions affected Red Hat / Red Hat Discovery 2
All versions affected Red Hat / Red Hat Discovery 2
All versions affected Red Hat / Red Hat Insights proxy 1.5
All versions affected Red Hat / Red Hat Update Infrastructure 5
All versions affected Red Hat / Red Hat Update Infrastructure 5
All versions affected Red Hat / Red Hat Update Infrastructure 5
All versions affected Red Hat / Red Hat Update Infrastructure 5
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Hardened Images
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected References
access.redhat.com: https://access.redhat.com/errata/RHSA-2026:3477 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4188 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4655 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:4943 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:5585 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:5606 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:6618 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:6630 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:6737 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:6738 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:7329 access.redhat.com: https://access.redhat.com/errata/RHSA-2026:7335 access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-14831 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2423177 gitlab.com: https://gitlab.com/gnutls/gnutls/-/issues/1773